60 lines
No EOL
1.4 KiB
YAML
60 lines
No EOL
1.4 KiB
YAML
apiversion: v1
|
|
kind: Pod
|
|
metadata:
|
|
name: bitwarden-pod
|
|
annotations:
|
|
io.podman.annotations.infra.name: bitwarden-pod-infra
|
|
spec:
|
|
containers:
|
|
- name: vaultwarden
|
|
image: docker.io/vaultwarden/server:alpine
|
|
env:
|
|
- name: SIGNUPS_ALLOWED
|
|
value: false
|
|
- name: DATABASE_URL
|
|
value: "postgresql://postgres:<secret>@bitwarden-pod-postgres/vaultwarden"
|
|
- name: ROCKET_PORT
|
|
value: 3000
|
|
ports:
|
|
- containerport: 3000
|
|
hostport: 1080
|
|
protocol: TCP
|
|
volumemounts:
|
|
- mountpath: /data
|
|
name: vaultwarden-data
|
|
- mountpath: /etc/localtime
|
|
name: localtime
|
|
readonly: true
|
|
|
|
- name: postgres
|
|
image: docker.io/library/postgres:16-alpine
|
|
env:
|
|
- name: POSTGRES_PASSWORD
|
|
valuefrom:
|
|
secretkeyref:
|
|
name: bitwarden-secrets
|
|
key: postgres-password
|
|
volumemounts:
|
|
- mountpath: /dump
|
|
name: postgres-dump
|
|
- mountpath: /var/lib/postgresql/data
|
|
name: postgres-data
|
|
- mountpath: /etc/localtime
|
|
name: localtime
|
|
readonly: true
|
|
|
|
volumes:
|
|
- persistentvolumeclaim:
|
|
claimname: bitwarden-pod-vaultwarden-data
|
|
name: vaultwarden-data
|
|
- hostpath:
|
|
path: <home>/.dump/bitwarden
|
|
type: Directory
|
|
name: postgres-dump
|
|
- persistentvolumeclaim:
|
|
claimname: bitwarden-pod-postgres-data
|
|
name: postgres-data
|
|
- hostPath:
|
|
path: /etc/localtime
|
|
type: File
|
|
name: localtime |